I have been really struggling with writing a class that executes mysql_real_escape_string on an object passed into a service that inserts data for a new user.
Any help on this? I've looked all over and it seems like something that has been overlooked in tutorials and I can't find a clear example of the right way to do this.
if you are using Zend_Db_Table method to insert or update data then its not necessary to do mysql_escape_string. that will be done by Zend_Db_Table. if You are running query line INSERT INTO tablename VALUES('sdf','sdf'); then you need to escape that else its not required.
Zend has a new function escape() that finally puts it all in one place when you need it.